diff --git a/README.md b/README.md
index 3575d97..bf69953 100644
--- a/README.md
+++ b/README.md
@@ -1,34 +1,27 @@ The goal of this project is to automate a series of deployment scripts by -using [puppet](https://puppetlabs.com/learn) language instead. +using ansible language. -A brand new Ubuntu 14.04 LTS installation will be provided. +Premise: +- Machines are provisioned with a brand new Ubuntu 14.04 LTS installation. -An agreement was made to use Ansible instead of Puppet because it does not require client installed on target machine, it only requires python which is one of the basic packets installed on clean machine. +Steps to deploy a target machine: -Steps to provision target machine: + 1. Install Ansible on your local system. Follow [these instructions for + Ubuntu](http://docs.ansible.com/intro_installation.html#latest-releases-via-apt-ubuntu) + based systems: + 1. Clone this repo and create a file called `hosts` in the project root + directory with the following content, where `host_name` is the target machine + name, and `host_ip` is the target machine IP address. -1. Install Ansible on your local system. Follow these instructions for Ubuntu based systems: -http://docs.ansible.com/intro_installation.html#latest-releases-via-apt-ubuntu + [webservers] + ansible_ssh_host= + ansible_ssh_host= + ... -2. Clone this repo and create file called hosts in the project root directory with the following content: -``` -test1 ansible_ssh_host=178.62.144.132 -``` - - where: - - test1 is ansible name for target machine - - ansible_ssh_host is the target machines IP address -You can create as many as you wish separate target machines that you can use in later steps. You can also provision one machine from those defined at a time. + 3. Deploy with the following command, where `--user` sets the login user and + `--ask-pass` provides the password for such user (can be skipped if using ssh + keys). -3. 
With terminal, go to the root directory of the project and issue the following command: -``` -ansible-playbook -i hosts playbooks/bootstrap.yml --user root --ask-pass -``` -There is documentation for ansible-playbook [here](http://linux.die.net/man/1/ansible-playbook) + ansible-playbook -i hosts site.yml --user root --ask-pass -In the example above, I have used the following switches: - - * --user - User on the remote machine - * --ask-password - Providing the password for the remote machine using secured interactive shell - -You can skip these switches if you manage to get ssh key access to target machines. diff --git a/common/bootstrap.yml b/common/bootstrap.yml new file mode 100644 index 0000000..9411af3 --- /dev/null +++ b/common/bootstrap.yml 
@@ -0,0 +1,63 @@ +--- + +- name: Set hosts line + lineinfile: + dest=/etc/hosts + line="{{ ansible_ssh_host }} {{ inventory_hostname }}" + +- name: Set hostname + hostname: + name={{ inventory_hostname }} + +- name: Set timezone + lineinfile: + dest=/etc/timezone + line="America/Sao_Paulo" + +- name: Update timezone + shell: dpkg-reconfigure --frontend noninteractive tzdata + +- name: Turn bash completion on + lineinfile: backup=yes state=present dest='/etc/bash.bashrc' + regexp='{{ item.regexp }}' backrefs=yes line='{{ item.line }}' + with_items: + - { regexp: '^#if ! shopt -oq posix; then', line: 'if ! shopt -oq posix; then' } + - { regexp: '^# if \[ -f /usr/share/bash-completion/bash_completion \]\; then', line: ' if [ -f /usr/share/bash-completion/bash_completion ]; then' } + - { regexp: '^# . /usr/share/bash-completion/bash_completion', line: ' . /usr/share/bash-completion/bash_completion' } + - { regexp: '^# elif \[ -f /etc/bash_completion \]\; then', line: ' elif [ -f /etc/bash_completion ]; then' } + - { regexp: '^# . /etc/bash_completion', line: ' . 
/etc/bash_completion' } + - { regexp: '^# fi', line: ' fi' } + - { regexp: '^#fi', line: 'fi' } + +- name: Create bash.bashrc.d folder + file: state=directory path=/etc/bash.bashrc.d + +- name: Include bash.bashrc.d directory + lineinfile: backup=yes state=present dest=/etc/bash.bashrc + line="source /etc/bash.bashrc.d/*" + +- name: Gentoo ps + copy: src=common/bootstrap/gentoo_ps dest=/etc/bash.bashrc.d/gentoops + +- name: Append default editor to environment + lineinfile: backup=yes state=present dest=/etc/environment + line="EDITOR=vim" + +- name: Append rails environment to environment + lineinfile: backup=yes state=present dest=/etc/environment + line="RAILS_ENV=production" + +- name: File .bashrc + copy: src=common/bootstrap/root_bashrc dest=/root/.bashrc group=root owner=root mode=700 + +- name: Append additional file to vimrc + lineinfile: backup=yes state=present dest=/etc/vim/vimrc + line="source /etc/vim/vimrc.custom" + +- copy: src=common/bootstrap/vimrc.custom dest=/etc/vim/vimrc.custom + +- name: Ensure that root .ssh directory is created + file: state=directory path=/root/.ssh mode=700 + +- name: Save public key to authorized keys + get_url: url=https://github.com/rxaviers.keys dest=/root/.ssh/authorized_keys mode=700 diff --git a/playbooks/files/GentooPS b/common/bootstrap/gentoo_ps similarity index 100% rename from playbooks/files/GentooPS rename to common/bootstrap/gentoo_ps diff --git a/playbooks/files/.bashrc b/common/bootstrap/root_bashrc similarity index 100% rename from playbooks/files/.bashrc rename to common/bootstrap/root_bashrc diff --git a/playbooks/files/vimrc.custom b/common/bootstrap/vimrc.custom similarity index 100% rename from playbooks/files/vimrc.custom rename to common/bootstrap/vimrc.custom diff --git a/playbooks/bootstrap.yml b/playbooks/bootstrap.yml deleted file mode 100644 index eb2b653..0000000 --- a/playbooks/bootstrap.yml +++ /dev/null 
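Review bot: The last task in `common/bootstrap.yml`, `Save public key to authorized keys`, sets root's `authorized_keys` on every host to whatever `https://github.com/rxaviers.keys` serves at deploy time, so root access to all targets rests on that one GitHub account and nothing in the repository pins the key. `get_url` writes the file wholesale with `mode=700`, although `authorized_keys` needs no execute bit. As far as I recall, `get_url` also skips the download when the destination already exists unless `force=yes` is set, so a key later removed from the account would remain on hosts already bootstrapped. I would commit the public key to the repository and install it with the `authorized_key` module, e.g. `authorized_key: user=root key="{{ lookup('file', '<path-to-public-key-in-repo>') }}"`, which by default leaves other entries in the file alone. Separately, `Include bash.bashrc.d directory` adds `source /etc/bash.bashrc.d/*`, but `source` reads only the first match and passes the rest as arguments, so it stops working as intended once a second file lands in that directory.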
@@ -1,71 +0,0 @@ ---- -- hosts: all - sudo: yes - - tasks: - - - name: Set hosts line - lineinfile: - dest=/etc/hosts - line="{{ ansible_ssh_host }} {{ inventory_hostname }}" - - - name: Set hostname - hostname: - name={{ inventory_hostname }} - - - name: Set timezone - lineinfile: - dest=/etc/timezone - line="America/Sao_Paulo" - - - name: Update timezone - shell: dpkg-reconfigure --frontend noninteractive tzdata - - - name: Turn bash completion on - lineinfile: backup=yes state=present dest='/etc/bash.bashrc' - regexp='{{ item.regexp }}' backrefs=yes line='{{ item.line }}' - with_items: - - { regexp: '^#if ! shopt -oq posix; then', line: 'if ! shopt -oq posix; then' } - - { regexp: '^# if \[ -f /usr/share/bash-completion/bash_completion \]\; then', line: ' if [ -f /usr/share/bash-completion/bash_completion ]; then' } - - { regexp: '^# . /usr/share/bash-completion/bash_completion', line: ' . /usr/share/bash-completion/bash_completion' } - - { regexp: '^# elif \[ -f /etc/bash_completion \]\; then', line: ' elif [ -f /etc/bash_completion ]; then' } - - { regexp: '^# . /etc/bash_completion', line: ' . 
/etc/bash_completion' } - - { regexp: '^# fi', line: ' fi' } - - { regexp: '^#fi', line: 'fi' } - - - name: Create bash.bashrc.d folder - file: state=directory path=/etc/bash.bashrc.d - - - name: Include bash.bashrc.d directory - lineinfile: backup=yes state=present dest=/etc/bash.bashrc - line="source /etc/bash.bashrc.d/*" - - - name: Gentoo ps - copy: src=files/GentooPS dest=/etc/bash.bashrc.d/gentoops - - - name: Append default editor to environment - lineinfile: backup=yes state=present dest=/etc/environment - line="EDITOR=vim" - - - name: Append rails environment to environment - lineinfile: backup=yes state=present dest=/etc/environment - line="RAILS_ENV=production" - - - name: File .bashrc - copy: src=files/.bashrc dest=/root/.bashrc group=root owner=root mode=700 - - - name: Append additional file to vimrc - lineinfile: backup=yes state=present dest=/etc/vim/vimrc - line="source /etc/vim/vimrc.custom" - - - copy: src=files/vimrc.custom dest=/etc/vim/vimrc.custom - - - name: Ensure that root .ssh directory is created - file: state=directory path=/root/.ssh mode=700 - - - name: Save public key to authorized keys - get_url: url=https://github.com/rxaviers.keys dest=/root/.ssh/authorized_keys mode=700 - - - include: deploy.yml - - - include: git.yml diff --git a/playbooks/deploy.yml b/playbooks/deploy.yml deleted file mode 100644 index 77ca28b..0000000 --- a/playbooks/deploy.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- - - - name: Create deploy user - user: name=deploy shell=/bin/bash home=/srv - - - name: Lock user deploy - shell: usermod -L deploy - - - name: Create srv folder - file: path=/srv owner=deploy group=deploy state=directory - - - name: Set profile for deploy user - copy: src=files/profile dest=/srv/.profile diff --git a/playbooks/git.yml b/playbooks/git.yml deleted file mode 100644 index fc4577c..0000000 --- a/playbooks/git.yml +++ /dev/null 
@@ -1,19 +0,0 @@ ---- - - - name: Create git group - group: name=git state=present - - - name: Create git user - user: name=git home=/srv/git group=git shell=/bin/bash - - - name: Create git users .ssh folder - file: path=/srv/git/.ssh state=directory owner=git group=git mode=700 - - - name: Create git users authorized_keys - file: path=/srv/git/.ssh/authorized_keys state=touch owner=git group=git mode=700 - - - name: Set profile environment for git user - copy: src=files/profile dest=/srv/git/.profile owner=git group=git - - - name: Install git-core package - apt: name=git-core update_cache=yes diff --git a/site.yml b/site.yml new file mode 100644 index 0000000..a6fba6a --- /dev/null +++ b/site.yml @@ -0,0 +1,14 @@ +- name: apply common configuration to all nodes + hosts: all + remote_user: root + + tasks: + - include: common/bootstrap.yml + +- name: configure and deploy the webservers and application code + hosts: webservers + remote_user: root + + tasks: + - include: web/deploy.yml + - include: web/git.yml diff --git a/web/deploy.yml b/web/deploy.yml new file mode 100644 index 0000000..d62afb5 --- /dev/null +++ b/web/deploy.yml @@ -0,0 +1,13 @@ +--- + +- name: Create deploy user + user: name=deploy shell=/bin/bash home=/srv + +- name: Lock user deploy + shell: usermod -L deploy + +- name: Create srv folder + file: path=/srv owner=deploy group=deploy state=directory + +- name: Set profile for deploy user + copy: src=web/deploy/profile dest=/srv/.profile diff --git a/playbooks/files/profile b/web/deploy/profile similarity index 100% rename from playbooks/files/profile rename to web/deploy/profile diff --git a/web/git.yml b/web/git.yml new file mode 100644 index 0000000..b1c18c6 --- /dev/null +++ b/web/git.yml 
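Review bot: Both plays in `site.yml` set `remote_user: root`, so every task now runs over a direct root SSH login, where the playbook this replaces used `sudo: yes`. Combined with the README's `--user root --ask-pass`, the documented path depends on password login for root being enabled on the targets. Consider connecting as an unprivileged account and keeping `sudo: yes` on each play, reserving the root login for the very first run if the fresh image offers nothing else. A short comment above `remote_user` saying which case applies would help the next reader.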
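Review bot: `Lock user deploy` in `web/deploy.yml` runs `usermod -L deploy` through `shell`, which reports a change on every run and invokes a shell for a command that needs none; `command: usermod -L deploy` is enough. A comment on that task should say that `-L` locks the password only, so the account can still be reached by SSH key or by `su` from root. `Set profile for deploy user` copies to `/srv/.profile` without `owner`, `group` or `mode`; stating them explicitly, e.g. `owner=root group=root mode=0644`, would make the resulting permissions deliberate rather than inherited.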
@@ -0,0 +1,19 @@ +--- + +- name: Create git group + group: name=git state=present + +- name: Create git user + user: name=git home=/srv/git group=git shell=/bin/bash + +- name: Create git users .ssh folder + file: path=/srv/git/.ssh state=directory owner=git group=git mode=700 + +- name: Create git users authorized_keys + file: path=/srv/git/.ssh/authorized_keys state=touch owner=git group=git mode=700 + +- name: Set profile environment for git user + copy: src=web/git/profile dest=/srv/git/.profile owner=git group=git + +- name: Install git-core package + apt: name=git-core update_cache=yes diff --git a/web/git/profile b/web/git/profile new file mode 100644 index 0000000..7ae7402 --- /dev/null +++ b/web/git/profile @@ -0,0 +1,2 @@ +PS1='\[\033[01;33m\]\u@\h\[\033[01;34m\] \w \$\[\033[00m\] ' +alias ls="ls --color=auto"
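Review bot: `Create git user` in `web/git.yml` gives the `git` account `shell=/bin/bash`, so every key later added to `/srv/git/.ssh/authorized_keys` grants a full interactive shell on the web server rather than repository access only. If the account is meant only for push and pull, `git-shell` as the login shell restricts it to git commands, e.g. `user: name=git home=/srv/git group=git shell=/usr/bin/git-shell`. The `Install git-core package` task should then move ahead of it so the binary exists, and the path is the usual Ubuntu location, worth confirming on the target. `Create git users authorized_keys` uses `state=touch` with `mode=700`: the file needs no execute bit (`mode=600`), and `touch` updates the timestamp and reports a change on every run.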